exploitDog

CVE-2024-40842

Опубликовано: 17 сент. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.

Ссылки

https://support.apple.com/en-us/121238
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/33

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 15.0 (исключая)

EPSS

Процентиль: 15%

0.00048

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-200

Связанные уязвимости

GHSA-rcw8-56q4-fh4w

CVSS3: 5.5

github

больше 1 года назад

An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.

EPSS

Процентиль: 15%

0.00048

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-200